Paul Jakma [Tue, 27 Mar 2012 10:54:04 +0000 (11:54 +0100)]
bgpd: bgp_attr_flags_diagnose shouldn't assert
* bgpd/bgp_attr.c: (bgp_attr_flags_diagnose) debug code for error-handling
paths probably shouldn't assert, instead it should just log that there
was no problem.
Paul Jakma [Sun, 25 Mar 2012 20:31:47 +0000 (21:31 +0100)]
bgpd: attr_parse call to attr_malformed should deal with PROCEED error case
* bgpd/bgp_attr.c: (bgp_attr_parse) the invalid flag check call to
bgp_attr_malformed is pretty useless if it doesn't actually allow
for the PROCEED non-error case.
Paul Jakma [Thu, 15 Mar 2012 11:30:00 +0000 (11:30 +0000)]
bgpd: malformed attribute error that can still proceed should fixup getp
* bgp_attr.c: (bgp_attr_malformed) When a malformed attribute error can be
ignored, and BGP message processing may still proceed, the stream getp
should be adjusted to the end of the attribute - the caller may not have
consumed all the attribute. Problem noted by Martin Winter in bug 678.
Also, rename the 'startp' local to 'notify_datap', for clarity.
This is the functionality described in Appendix C of RFC 6126. Its
main purpose is to avoid keeping a full source table, which makes it
possible to implement a subset of Babel in just a few hundred lines of
code. However, in Quagga the code for maintaining the source table is
already there, and a parasitic implementation can be simulated using
filtering -- so it makes little sense to keep the functionality.
Denis Ovsienko [Sat, 11 Feb 2012 17:06:16 +0000 (21:06 +0400)]
babeld: justify "running-config" meaning in CLI
The primary focus of this commit is to make "show running-config"
command display more current configuration, including some of the bits
previously seen in the output of "show babel running-config". Besides
that, the following commands were renamed for consistency with the
syntax of other components:
"debug *" to "debug babel *" (and moved to top level)
"show babel running-config" to "show babel parameters"
* babel_interface.c
* show_babel_running_config(): rename to show_babel_parameters(),
update syntax pattern, don't call show_babeld_configuration()
* babel_if_init(): update respectively
* babel_enable_if_config_write(): new VTY helper for static
babel_enable_if
* babel_interface.h: add extern declaration
* babel_main.c: unset all debug options by default
* show_babel_main_configuration(): remove debug options decoder
* babel_zebra.c
* babel_debug(): rename to debug_babel(), update syntax pattern
* no_babel_debug(): rename to no_debug_babel(), update syntax pattern
* babelz_zebra_init(): update respectively
* debug_babel_config_write() new VTY helper for static debug_type
* babel_zebra.h: add extern declaration
* babeld.c
* babel_config_write(): add the code to output "debug babel *",
"router babel", "redistribute *" and "network *" statements
* show_babeld_configuration(): dismiss
* babeld.h: remove extern declaration
* babeld.texi: update for renamed commands
* babeld.conf.sample: idem, add debug statements block
Denis Ovsienko [Sat, 11 Feb 2012 11:25:01 +0000 (15:25 +0400)]
babeld: dismiss babel_redistribute_unset()
The function was effectively duplicating existing
zclient_redistribute(). This makes no_babel_redistribute_type()
consistent with babel_redistribute_type()
Babel makes use of blackhole routes to prevent routing loops between
overlapping prefixes shortly after a route is retracted (see RFC 6126
sections 2.8 and 3.5.5). This patch adds support for installing such
blackhole routes.
Factorise the common parts of the in/out filtering functions. This also
fixes a bug with filtered out routes, which in babeld are signalled by
a filter returing INFINITY, not -1.
babeld: Don't use an ifindex when installing IPv4 routes.
Stand-alone babeld installs routes using both a next-hop gateway
and an interface index. Unfortunately, this doesn't work for IPv4
under Quagga.
We now ignore the ifindex when installing IPv4 routes, which makes
Babel work for IPv4 in prefix-based networks. Of course this breaks
IPv4 mesh networks, unless you play some tricks with your interfaces'
netmasks.
Matthieu Boutier [Fri, 27 Jan 2012 23:29:51 +0000 (00:29 +0100)]
babeld: fix interface bug, simplify code.
Perhaps could it be able to free already free memory (so free(NULL)),
in function interface_reset(). On other hand, it initiated untracked
interfaces, raising (at least) inappropriate messages. Finally, I
remove the BABEL_IF_IS_ENABLE flag, witch was not really usefull.
Note the test if_up isn't weaker, because (...IS_UP => ...IS_ENABLE).
Matthieu Boutier [Mon, 23 Jan 2012 22:46:32 +0000 (23:46 +0100)]
babeld: babelz merge.
Babelz is the last version of the stand-alone babel daemon. In
particular, it use multiple channels to diminuate
interferences. Please refer to this one for more details.
Denis Ovsienko [Sat, 21 Jan 2012 19:16:00 +0000 (23:16 +0400)]
babeld: add MP-specific zclient API fix
Add proper initialization of SAFI field, which is present in the
revisions of zapi_ipv4 and zapi_ipv6 structures specific to
MP-BGP patchset. Without this change no Babel routes could make
into zebra RIB.
Matthieu Boutier [Fri, 20 Jan 2012 14:32:16 +0000 (15:32 +0100)]
babeld: change the modify route system.
Zebra doesn't set errno to EEXIST if we add a route who was already in
the kernel, so we always returned after just doing "add; delete". This
patch fix the problem by doing "delete; add" always.
Denis Ovsienko [Tue, 17 Jan 2012 15:25:03 +0000 (19:25 +0400)]
babeld: implement "show babel interface" command
* babel_interface.c
* show_babel_interface_sub(): new function to process one ifp
* show_babel_interface(): new function, VTY wrapper
* babel_if_init(): update respectively
Denis Ovsienko [Sun, 8 Jan 2012 12:52:36 +0000 (16:52 +0400)]
babeld: address some compilation warnings
Including system headers is not necessary with zebra.h included and
sometimes results in "__ASSERT_FUNCTION redefined" compilation warning.
* babeld.c
* babel_distribute_update_interface(): make static
* babel_interface.c
* interface_config_write(): unused 'babel_ifp'
* don't include system headers
* message.c
* send_request(): unused 'babel_ifp'
* send_multihop_request(): idem
* don't include system headers
* route.c: don't include system headers
* xroute.c: idem
* source.h: newline at EOF
* message.h: idem
Paul Jakma [Sun, 25 Dec 2011 16:52:09 +0000 (17:52 +0100)]
babeld: Initial import, for Babel routing protocol.
* Initial import of the Babel routing protocol, ported to Quagga.
* LICENCE: Update the original LICENCE file to include all known potentially
applicable copyright claims. Ask that any future contributors to babeld/
grant MIT/X11 licence to their work.
* *.{c,h}: Add GPL headers, in according with the SFLC guidance on
dealing with potentially mixed GPL/other licensed work, at:
Renato Westphal [Fri, 23 Mar 2012 19:27:40 +0000 (16:27 -0300)]
lib: fix endianness bug in prefix.c
While defining two "maskbytes" arrays for the respective endiannesses,
the code was unconditionally using one that only worked on little endian
systems.
Use preprocessor macros to avoid the somewhat expensive
htonl/ntohl macros.
From: Renato Westphal <renatowestphal@gmail.com> Signed-off-by: David Lamparter <equinox@diac24.net>
Denis Ovsienko [Sun, 26 Feb 2012 13:59:43 +0000 (17:59 +0400)]
ospfd: bring ospf_check_auth() into focus
The old ospf_check_auth() function did two different jobs depending on
AuType. For Null and Simple cases it actually authenticated the packet,
but for Cryptographic case it only checked declared packet size (not
taking the actual number of bytes on wire into account). The calling
function, ospf_verify_header(), had its own set of MD5/checksum checks
dispatched depending on AuType.
This commit makes the packet size check work against the real number of
bytes and moves it to ospf_packet_examine(). All MD5/checksum
verification is now performed in ospf_check_auth() function.
* ospf_packet.c
* ospf_packet_examin(): check length with MD5 bytes in mind
* ospf_verify_header(): remove all AuType-specific code
* ospf_check_auth(): completely rewrite
Denis Ovsienko [Mon, 20 Feb 2012 19:08:10 +0000 (23:08 +0400)]
ospfd: fix packet length check for auth/LLS cases
An OSPFv2 packet with trailing data blocks (authentication and/or
link-local signaling) failed the recently implemented packet length
check, because trailing data length isn't counted in the packet header
"length" field. This commit fixes respective check conditions.
* ospf_packet.c
* ospf_packet_examin(): use "bytesdeclared" instead of "bytesonwire"
Denis Ovsienko [Fri, 17 Feb 2012 12:20:50 +0000 (16:20 +0400)]
ospfd: introduce ospf_lsa_minlen[] (BZ#705)
This commit ports more packet checks to OSPFv2, in particular, LSA size
verification and Router-LSA link blocks verification.
* ospf_lsa.h: add LSA size macros
* ospf_packet.h: add struct ospf_ls_update
* ospf_packet.c
* ospf_lsa_minlen[]: a direct equivalent of ospf6_lsa_minlen[]
* ospf_router_lsa_links_examin(): new function, verifies trailing
part of a Router-LSA
* ospf_lsa_examin(): new function like ospf6_lsa_examin()
* ospf_lsaseq_examin(): new function like ospf6_lsaseq_examin()
* ospf_packet_examin(): add type-specific deeper level checks
Denis Ovsienko [Mon, 30 Jan 2012 12:07:18 +0000 (16:07 +0400)]
ospfd: review ospf_check_auth()
1. The only purpose of "ibuf" argument was to get stream size, which
was always equal to OSPF_MAX_PACKET_SIZE + 1, exactly as initialized
in ospf_new().
2. Fix the packet size check condition, which was incorrect for very
large packets, at least in theory.
Denis Ovsienko [Mon, 30 Jan 2012 11:41:39 +0000 (15:41 +0400)]
ospfd: introduce ospf_packet_minlen[] (BZ#705)
This commit ports some of the OSPFv3 packet reception checks
to OSPFv2.
* ospf_packet.c
* ospf_packet_minlen[]: a direct equivalent of ospf6_packet_minlen[]
* ospf_packet_examin(): new function designed after the first part
of ospf6_packet_examin()
* ospf_read(): verify received packet with ospf_packet_examin()
* ospf_packet.h: add convenience macros
Paul Jakma [Thu, 8 Mar 2012 13:51:21 +0000 (13:51 +0000)]
HACKING.tex: Change to a LaTeX version of HACKING
* configure.ac: Check for latexmk and pdflatex
* Makefile.am: Add a conditional target to build HACKING.pdf, as a convenience
* HACKING.tex: A slightly more structured HACKING, is readable on its own.
* HACKING: removed
Paul Jakma [Mon, 9 Jan 2012 20:59:26 +0000 (20:59 +0000)]
bgpd: Open option parse errors don't NOTIFY, resulting in abort & DoS
* bgp_packet.c: (bgp_open_receive) Errors from bgp_open_option_parse are
detected, and the code will stop processing the OPEN and return. However
it does so without calling bgp_notify_send to send a NOTIFY - which means
the peer FSM doesn't get stopped, and bgp_read will be called again later.
Because it returns, it doesn't go through the code near the end of the
function that removes the current message from the peer input streaam.
Thus the next call to bgp_read will try to parse a half-parsed stream as
if it were a new BGP message, leading to an assert later in the code when
it tries to read stuff that isn't there. Add the required call to
bgp_notify_send before returning.
* bgp_open.c: (bgp_capability_as4) Be a bit stricter, check the length field
corresponds to the only value it can be, which is the amount we're going to
read off the stream. And make sure the capability flag gets set, so
callers can know this capability was read, regardless.
(peek_for_as4_capability) Let bgp_capability_as4 do the length check.
Paul Jakma [Tue, 28 Feb 2012 18:32:56 +0000 (18:32 +0000)]
lib: fix incorrect thread list processing loops
* thread.c: (thread_timer_process,thread_process) thread_list_delete nulls
thread->next. Loops need to save next first, or will only process the head.
Problem noted by Lou Berger <lberger@labn.net>.
Paul Jakma [Wed, 18 Jan 2012 12:28:30 +0000 (12:28 +0000)]
bgpd: Move up flag-check calls, parcel up attr-parser args, and other cleanups
* bgp_attr.h: (struct bgp_attr_parser_args) Attribute parsing context,
containing common arguments.
* bgp_attr.c: (general) Move the bgp_attr_flag_invalid flag-check calls up,
out of each individual attr parser function, to be done once in attr_parse.
Similarly move the calculation of the 'total' attribute length field up
to attr_parse.
Bundle together common arguments to attr-parsing functions and helpers
into (struct bgp_attr_parser_args), so it can be passed by reference down
the stack & also de-clutter the argument lists & make it easier to
add/modify the context for attr-parsing - add local const aliases to avoid
modifying body of code too much. This also should help avoid cut & paste
errors, where calls to helpers with hard-coded attribute types are pasted
to other functions but the code isn't changed.
(bgp_attr_flags_diagnose) as above.
(bgp_attr_flag_invalid) as above.
(bgp_attr_{origin,aspath,as4_path,nexthop,med,local_pref,atomic}) as above.
(bgp_attr_{aggregator,as4_aggregator,community,originator_id}) as above
(bgp_attr_{cluster_list,ext_communities},bgp_mp_{un,}reach_parse) as above
(bgp_attr_unknown) as above.
(bgp_attr_malformed) as above. Also, startp and length have to be
special-cased, because whether or not to send attribute data depends
on the particular error - a separate length argument, distinct from
args->length, indicates whether or not the attribute data should be sent
in the NOTIFY.
(bgp_attr_aspath_check) Call to bgp_attr_malformed is wrong here, there is
no attribute parsing context - e.g. the 'flag' argument is unlikely to be
right, remove it. Explicitly handle the error instead.
(bgp_attr_munge_as4_attrs) Flag argument is pointless.
As the comment notes, the check here is pointless as AS_PATH presence
already checked elsewhere.
(bgp_attr_parse) Do bgp_attr_flag_invalid call here.
Use (struct bgp_attr_parser_args) for args to attr parser functions.
Remove out-of-context 'flag' argument to as4 checking functions.
Paul Jakma [Tue, 17 Jan 2012 13:31:33 +0000 (13:31 +0000)]
bgpd: consolidate attribute flag checks
* bgpd/bgp_attr.c: (attr_flags_values []) array of required flags for
attributes, EXTLEN & PARTIAL masked off as "dont care" as appropriate.
(bgp_attr_flag_invalid) check if flags may be invalid, according to
the above table & RFC rules.
(bgp_attr_*) Use bgp_attr_flag_invalid.
(bgp_attr_as4_aggregator) ditto, also take startp argument for the
NOTIFY data.
(bgp_attr_parse) pass startp to bgp_attr_as4_aggregator
projects / mirror / frr.git / log